Package: icinga-cgi
Version: 1.6.1-2
Severity: minor

Hi.

The current default in /etc/icinga/cgi.cfg for cgi_log_file is:
/usr/share/icinga/htdocs/log/icinga-cgi.log

Guess this is not only a quite bad place (/usr should not be touced, may be
read-only, etc.) but also forbidden by the policy (yes I know logging is 
disabled
by default).


Can we perhaps find a better place?
As it must be writable by the CGI user (at least per default www-data)
/var/log doesn't work, neither /var/log/icinga (owned nagios:adm).

My suggestions would be:
1) Let postinst create a file owned <cgi-user>:<cgi-user> in /var/log/icinga
and use this as default file.
2) Change the owner group of /var/log/icinga itself. (guess that would be a
worse solution).
3) Set just some dummy value to cgi_log_file, that makes the user clear, that
he has to set something sane/safe, if he want's to use it.


I would try to provide patches, if you decide what to do.


Cheers,
Chris.



-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to